Anglo-Americans at Cyberwar: Two Weeks of Cupcakes

I’ve been meaning to return to this Ellen Nakashima story on our cyberwar efforts. As you recall, it lays out the turf war between the CIA and DOD over clandestine cyberops, partly by telling the story a fight over whether or not to disrupt the jihadist online magazine “Inspire.”

Last year, for instance, U.S. intelligence officials learned of plans by an al-Qaeda affiliate to publish an online jihadist magazine in English called Inspire, according to numerous current and senior U.S. officials. And to some of those skilled in the emerging new world of cyber-warfare, Inspire seemed a natural target.

The head of the newly formed U.S. Cyber Command, Gen. Keith Alexander, argued that blocking the magazine was a legitimate counterterrorism target and would help protect U.S. troops overseas. But the CIA pushed back, arguing that it would expose sources and methods and disrupt an important source of intelligence. The proposal also rekindled a long-standing interagency struggle over whether disrupting a terrorist Web site overseas was a traditional military activity or a covert activity — and hence the prerogative of the CIA.

The CIA won out, and the proposal was rejected. But as the debate was underway within the U.S. government, British government cyber-warriors were moving forward with a plan.

When Inspire launched on June 30, the magazine’s cover may have promised an “exclusive interview” with Sheik Abu Basir al-Wahishi, a former aide to Osama bin Laden, and instructions on how to “Make a Bomb in the Kitchen of Your Mom.” But pages 4 through 67 of the otherwise slick magazine, including the bomb-making instructions, were garbled as a result of the British cyber-attack.

It took almost two weeks for al-Qaeda in the Arabian Peninsula to post a corrected version, said Evan Kohlmann, senior partner at Flashpoint Global Partners, which tracks jihadi Web sites.

The Telegraph elaborated on that story by telling of the swell cupcake recipes MI6 replaced the bomb recipe with.

The cyber-warfare operation was launched by MI6 and GCHQ in an attempt to disrupt efforts by al-Qaeda in the Arabian Peninsular to recruit “lone-wolf” terrorists with a new English-language magazine, the Daily Telegraph understands.

When followers tried to download the 67-page colour magazine, instead of instructions about how to “Make a bomb in the Kitchen of your Mom” by “The AQ Chef” they were greeted with garbled computer code.

The code, which had been inserted into the original magazine by the British intelligence hackers, was actually a web page of recipes for “The Best Cupcakes in America” published by the Ellen DeGeneres chat show.

Written by Dulcy Israel and produced by Main Street Cupcakes in Hudson, Ohio, it said “the little cupcake is big again” adding: “Self-contained and satisfying, it summons memories of childhood even as it’s updated for today’s sweet-toothed hipsters.”

It included a recipe for the Mojito Cupcake – “made of white rum cake and draped in vanilla buttercream”- and the Rocky Road Cupcake – “warning: sugar rush ahead!”

By contrast, the original magazine featured a recipe showing how to make a lethal pipe bomb using sugar, match heads and a miniature lightbulb, attached to a timer.

So apparently this operation against Inspire, which had government hackers and their bosses on two continents scheming and in-fighting, succeeded in delaying for two weeks the publication of a bomb recipe that probably existed elsewhere on the Internet already.

With cupcakes.

And these spooks are apparently impressed enough with themselves that they’re boasting about it openly to journalists.

Dudes. Two weeks of cupcakes do not equate to Stuxnet.

I’ve been pondering the apparent self-congratulation over this op ever since I read this story, particularly in light of the seeming similarity between this op and the WikiLeaks hack last year. Do our cyberwarriors consider it a legitimate “win” to simply delay the publication of a transnational internet operation for a week or so? At what cost? And by “cost,” I mean both the tens of millions we’re investing to develop, apparently, the capability to engage in juvenile pranks. And also the cost in credibility as a purported defender of free speech wastes its time harassing, but not preventing, the free speech of groups it doesn’t like.

I mean, there must be more to our cyberwarfare than two weeks of cupcakes, isn’t there?

Of course, there must be, if the CIA was concerned about sources and methods. Presumably, CIA was already monitoring who was reading Inspire. Which–whatever it says about the First Amendment in this country–is probably still a better use of cyberwar time and dollars than two weeks of cupcakes.

Or are we to believe that the Generals think we’re going to win the GWOT by playing cyber-whack-a-mole with a group whose competitive advantage over us is in its nimbleness?

image_print
  1. MadDog says:

    It says a lot about the maturity level of both our DOD cyberwarriors and those of the Brit’s MI6 compared to that of the CIA’s.

    As juvenile and about on par with teenagers driving by and mooning the citizens on the local main drag on Saturday nights.

  2. JohnLopresti says:

    Cupcakes might be inapposite. I suspect four and twenty blackbirds a more dainty and thematic prospect. The Japan art of ikebana flower arranging would be even more uplifting, rather than the droll Brit sense of humor. I think there is a serious theme underlying some of the rhetoric, one which the hacks could address more simply. But I tend to appreciate the us intell outfit*s perspective concerning the open world of the *net. As for recipes, in a childhood home I visited with in-laws, there was a spaghetti test which was just as impactful as plum pudding; it was discovered by some aunts that boiling pasta in a sealed pressure-cooker could result in covering kitchen ceiling and walls with toothsome noodles if someone forgot to watch the timer, or if the steam sealing valve plugged suddently with frothing spaghetti. All of that was an inept and inadvertent idea; but several aunts swore (metaphorically) thenceforth to avoid hastiness with spaghetti cooking, and do it the old fashioned way in an open vat not a pressurecooker.

  3. Arbusto says:

    [A]re we to believe that the Generals think we’re going to win the GWOT by playing cyber-whack-a-mole with a group whose competitive advantage over us is in its nimbleness?

    Generals need jobs too. We’ve succeeded in never ending war with boots on the ground. Now our DoD intel types can have a never ending cyber war. Look at the double/triple dipping opportunities for the vast number of Generals looking at a cushy civilian job.

  4. croyal says:

    Speaking as a polyglot American living in El Paso, TX, where cultural and language politics are forefront, I am going to go off-topic here and address this “Anglo-American” nonsense. If you mean “Americans who speak English,” the term is “American Anglophones.” Anglo-Americans means Americans of English descent, which hardly encompasses the majority of English-speaking Americans, which also includes virtually all African Americans and a significant majority of Latino Americans. The latter, I can assure you, usually do not want to be called “Anglo” by any means, as well as a growing number of us white non-Hispanic Americans of Irish, German, Italian or other non-English descent. As a melanin-deficient Franco-American whose family spoke French as their first languages in this country from the time of Revolutionary War up until my father’s generation, I cannot help but think of a particular Monty Python reference (not to mention a few French insults) whenever someone tries to call me an Anglo-American. So please, if you mean people who speak English, say “Anglophones.”

    • emptywheel says:

      Fair point.

      There is a tradition of describing the wiretapping cooperation between England, the US, and other Anglophone speaking countries to be Anglo-American (bc the US is at the center of it but the other participants, including countries like NZ are also English speaking former British colonies (I don’t think the Maori would like to be included in this either). But I agree that out of that specific context it can be offensive.

  5. klynn says:

    All of the talk lately of the cyber threats to the US has me wondering and asking, “Why do we outsource so much DOD and Intel work? How much of the outsource increases our threat of a cyber attack?”

    • bobschacht says:

      “Why do we outsource so much DOD and Intel work?”

      This is a government-wide phenomenon, part of the heritage of Republican distaste for governance and belief in the omnipotence of “private enterprise.” For example, when the great oil spill happened, the myriad government agencies involved had all been hollowed out so that they had little on-board expertise and were totally dependent on oil-business consultants to even understand what was going on. Of course, this sets up the infamous “revolving door” situation where regulators are snapped up by the businesses they have been regulating, because we don’t pay enough for in-house expertise. This was conceived by the Bushies as a “cost-cutting” measure: If you reduce salaries of the expert staff, you don’t get experts.

      IOW, we “outsource so much DOD and Intel work” because of (a) at least 8 years of Bush preference for outsourcing, and (b) failure to hire and retain adequate expertise in government agencies.

      As a result, there’s been a whole shift in attitudes towards government expertise. A generation ago, the feds hired the talent they needed to have expertise that could understand and challenge the businesses being regulated. Now, they don’t.

      Bob in AZ

      • klynn says:

        bob,

        I know the history of “why” we outsource. My point in stating the question is that we increase our own risk of a cyber attack by doing so.

        IRT EW’s post, since we outsource so much, increasing our own risk, I assume “cupcakes” is par in terms of our own strategy.

  6. Adam503 says:

    Lots of ways to accomplish ones mission other than blowing the fuck out of something with the 1000 lb. warhead of a cruise missile.

    This is one. The computer virus introduced to Iranian nuclear weapon research technology is another.

    • emptywheel says:

      This doesnt’ accomplish any mission. All it does is whack a mole for two weeks (or a few days, in the case of WL). If your opponent can prove resilient to such juvenile attacks, doesn’t it strengthen them?

      It all just makes the Brits and US look stupid and petulent. That’s not going to win you hearts and minds.

      • Adam503 says:

        You might that way about particularly overdone fake threats right now like Al Queda or Iran, but might not feel that way if this had been done for example, in Juarez, Mex to remove bomb making instructions from an account from a member of the Zetas drug gang, or in Mobile to the account of anti-abortion extremists.

        There are real threats, and real obvious circumstances that require real action. Action a little more creative than firing a cruise missile at _______.

  7. ThingsComeUndone says:

    So apparently this operation against Inspire, which had government hackers and their bosses on two continents scheming and in-fighting, succeeded in delaying for two weeks the publication of a bomb recipe that probably existed elsewhere on the Internet already.

    With cupcakes.

    This is a win? unless the bomb recipe was for making real powerful explosives in a very simple way any really determined would be terrorist can read a book instead any really really determined and smart terrorist can take a few chemistry classes. This magazine is likely for high school kids not real terrorists.
    Unless of course the terrorists get inspired and decide to work on simplifying things the way McDonalds has so anyone can do it but that requires work lots of work I may criticize McD’s a lot but they are masters of simplification.

  8. ThingsComeUndone says:

    Maybe after Wiki leaks, the State dept was hacked and the IMF the Feds needed a story about a cyberspace win to prevent the voters from thinking they were all incompetent and behind in the cyberwar? After all at some point a real big bank is going to see not only cash stolen but their files wiped its only a matter of time.
    Imagine the panic as depositors can’t remove money from the banks because the banks have no record of their deposits.

  9. texasaggie says:

    What it does do is make al Qaeda look ridiculous. That in itself is worthwhile. And putting in cupcake recipes is just icing on the cake, so to speak, in putting a human face on anti al Qaeda efforts. A bit of humor rather than being some sort of serious pissant is bound to have positive repercussions. After all, the best way to take down a too serious threat is to make fun of it rather than buy into their game and take yourself down to their level. Ask the Donald what happens when people laugh at you, or the Newt (apologies to amphibians for connecting them with that sorry excuse for a living organism.)

  10. ondelette says:

    Two points: 1) The British are not bound by the First Amendment. 2) The ‘win’ may be the precedent established not the damage done.

    I don’t think this is something to laugh about if our military is genuinely considering an attack on a web publication to be a form of military mission. But then, bringing up the fact that it could incur a vast reduction of internet rights if lawyers and bloggers aren’t a bit more vigilant and less jocular about it might be considered offensive around these parts.

  11. reddog says:

    “Presumably, CIA was already monitoring who was reading Inspire.”

    I think that is the important point. Without doubt, the U.S. has the ability to log the IP address of every computer that attaches to the the Inspire website, and probably it can capture the MAC address, too. Once into the database, the IP and MAC can be cross-referenced from captured addresses of machines that attached to other jihadist sites and the CIA will have a very good idea of who is doing what and where they are. It is likely this is happening worldwide, including inside the USA, and not only jihadist sites are being monitored, but probably “green” and “anti-nuclear” and just about anything that the U.S. government decides it wants to monitor.